If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

What is nessus?

I know that this may be this may be quite annoying for some experts ... hopefully annoying enough to flame me. But I have heard too much about nessus. This thing comes along with many Linux distros. But after all what is nessus? Google and other searches tell it is a network vulnerability scanner. However I see some people tell that nessus is a DATA recovery software. While some say that it runs on *nix boxes but some say that runs even on Windows.

So is nessus a Network vulnerabilty scanner or Data recovery solution or both?

What OSes does it run on? Does it run on only *nix or Windows or both or even on others like Mac?

Nessus : Premier UNIX vulnerability assessment tool
Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Nessus 3 is now closed source, but is still free-of-cost unless you want the very newest plugins. Also, run on windows xp. This was copied and pasted from www.insecure.org
and don't forget about

Thanks a lot to all of you. I understood the fact. Now can someone tell me if it fine to use it for scanning my home network with it?

Nessus 3.0.5 would be perfect for you to scan your LAN also help to find any holes, open ports detailed technical info about each warning excellent too indeed. As a matter of fact I scanned a box on mmy WLAN last night.

Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.

__________________

Honestly, I don't know I havent read the EULA IM sure it's all covered in their. As far as legal action yes you could get in trouble for scanning remote machines espically with an application like nessus. I personally wouldnt just scan random host(s) with an application like nessus. To noisy. Try an app like nmap from www.insecure.org

I personally wouldnt just scan random host(s) with an application like nessus. To noisy. Try an app like nmap from www.insecure.org

NMAP scans can be seen just like a jumbo jet coming out of the sky if you don't configure the scan properly. Have a look at some of the tutorials on the site for step by step instructions on how to use NMAP effectively.

Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.

It depends what you scan, which country the target host/network resides and what laws you break in between. Best practice is to assume that it is illegal unless you've been given permission to scan it. Insecure.org has a dummy server out on the net that you can freely scan. Visit the site for details.

Scanning from behind a SOHO NAT router (like Linksys, etc.) out to external IPs is a verrrrry bad idea. You will consume all the memory used for the connection table and your router will lock up tight.

--TH13

Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden